﻿using IdentityServer4;
using IdentityServer4.Models;

using EIMSNext.Core.Entity;

namespace EIMSNext.Auth.Entity
{
    public class Client : MongoEntityBase
    {
        /// <summary>
        /// 企业Id
        /// </summary>
        public string CorpId { get; set; } = string.Empty;
        public bool Enabled { get; set; } = true;
        public string ProtocolType { get; set; } = IdentityServerConstants.ProtocolTypes.OpenIdConnect;
        public List<ClientSecret> ClientSecrets { get; set; } = new List<ClientSecret> { };
        public bool RequireClientSecret { get; set; } = true;
        public string? ClientName { get; set; }
        public string? Description { get; set; }
        public string? ClientUri { get; set; }
        public string? LogoUri { get; set; }
        public bool RequireConsent { get; set; } = true;
        public bool AllowRememberConsent { get; set; } = true;
        public bool AlwaysIncludeUserClaimsInIdToken { get; set; }
        public List<ClientGrantType> AllowedGrantTypes { get; set; } = new List<ClientGrantType>();
        public bool RequirePkce { get; set; }
        public bool AllowPlainTextPkce { get; set; }
        public bool AllowAccessTokensViaBrowser { get; set; }
        public List<ClientRedirectUri> RedirectUris { get; set; } = new List<ClientRedirectUri>();
        public List<ClientPostLogoutRedirectUri> PostLogoutRedirectUris { get; set; } = new List<ClientPostLogoutRedirectUri>();
        public string? FrontChannelLogoutUri { get; set; }
        public bool FrontChannelLogoutSessionRequired { get; set; } = true;
        public string? BackChannelLogoutUri { get; set; }
        public bool BackChannelLogoutSessionRequired { get; set; } = true;
        public bool AllowOfflineAccess { get; set; }
        public List<ClientScope> AllowedScopes { get; set; } = new List<ClientScope> { };
        public int IdentityTokenLifetime { get; set; } = 28800;
        public int AccessTokenLifetime { get; set; } = 28800;
        public int AuthorizationCodeLifetime { get; set; } = 300;
        public int? ConsentLifetime { get; set; } = null;
        public int AbsoluteRefreshTokenLifetime { get; set; } = 2592000;
        public int SlidingRefreshTokenLifetime { get; set; } = 1296000;
        public int RefreshTokenUsage { get; set; } = (int)TokenUsage.OneTimeOnly;
        public bool UpdateAccessTokenClaimsOnRefresh { get; set; }
        public int RefreshTokenExpiration { get; set; } = (int)TokenExpiration.Absolute;
        public int AccessTokenType { get; set; } = (int)0; // AccessTokenType.Jwt;
        public bool EnableLocalLogin { get; set; } = true;
        public List<ClientIdPRestriction> IdentityProviderRestrictions { get; set; } = new List<ClientIdPRestriction> { };
        public bool IncludeJwtId { get; set; }
        public List<ClientClaim> Claims { get; set; } = new List<ClientClaim> { };
        public bool AlwaysSendClientClaims { get; set; }
        public string ClientClaimsPrefix { get; set; } = "client_";
        public string? PairWiseSubjectSalt { get; set; }
        public List<ClientCorsOrigin> AllowedCorsOrigins { get; set; } = new List<ClientCorsOrigin> { };
        public List<ClientProperty> Properties { get; set; } = new List<ClientProperty> { };
        public int? UserSsoLifetime { get; set; }
        public string? UserCodeType { get; set; }
        public int DeviceCodeLifetime { get; set; }
        public string ApiKey { get; set; } = "";
    }   
}